refactor: move secrets off-shore

2025-01-20 20:57:53 +11:00 · 2025-01-20 20:57:53 +11:00 · d3d0ae8fcb
commit d3d0ae8fcb
parent 0ecc1cbf40
23 changed files with 231 additions and 179 deletions
--- a/modules/nixos/server/services/ookflix/lib.nix
+++ b/modules/nixos/server/services/ookflix/lib.nix
@ -132,14 +132,6 @@
    };
  };

-  mkServiceSecret = name: service: {
-    ${name} = {
-      file = "${self}/secrets/containers/${name}.age";
-      owner = cfg.services.${service}.user.name;
-      group = cfg.services.${service}.group.name;
-    };
-  };
-
  mkNetworkService = name: _network:
    nameValuePair "podman-network-${name}" {
      description = "Podman network ${name} for ookflix";
@ -151,5 +143,5 @@
      };
    };
 in {
-  inherit mkServiceStateFile mkServiceSecret mkBasicServiceOptions mkServiceOptions mkServiceStateDir mkServiceUser mkUserOption mkPortOption mkGroupOption mkVolumeOption mkSubdomainOption mkNetworkService;
+  inherit mkServiceStateFile mkBasicServiceOptions mkServiceOptions mkServiceStateDir mkServiceUser mkUserOption mkPortOption mkGroupOption mkVolumeOption mkSubdomainOption mkNetworkService;
 }